# Ansible Project

**Repository Path**: dong-jun123123/ansible-project

## Basic Information

- **Project Name**: Ansible Project
- **Description**: No description available
- **Primary Language**: Unknown
- **License**: Not specified
- **Default Branch**: master
- **Homepage**: None
- **GVP Project**: No

## Statistics

- **Stars**: 1
- **Forks**: 0
- **Created**: 2023-10-08
- **Last Updated**: 2024-07-08

## Categories & Tags

**Categories**: Uncategorized

**Tags**: Ansible, shell

## README

# Deploying a Highly Available Web Cluster with Ansible

## Project overview:

This project consists of 9 servers in total, 1 Master host and 8 nodes:

- 1 Master host (its yum repositories must be usable, Ansible must already be installed, and it must be able to log in to all of the other hosts without a password)
- 1 database server (the default database account is webadmin, with password Qwer1234@)
- 1 static file server
- 1 backup server
- 3 web servers
- 2 load-balancing servers

## Project architecture:

![Project architecture diagram](https://gitee.com/dong-jun123123/ansible-project/raw/master/images/%E9%A1%B9%E7%9B%AE%E6%9E%B6%E6%9E%84%E5%9B%BE.png)

## Changelog:

V1.1:

1. The /web and /backup directories can now be accessed from the master host;
2. Fixed the failure to install remi-release.

V1.2 (2024-7-4):

1. Fixed the issue where the two LB servers could only be reached normally after their firewalls were turned off;
2. Both websites now support HTTPS and are accessed by domain name.

V1.3 (2024-7-6):

1. Added time synchronization, which keeps the time consistent on every node;
2. Database data is now synchronized to the backup server in real time;
3. keepalived on the primary LB node now periodically checks whether Nginx is running and acts accordingly.

## Software versions:

- Server OS: CentOS Linux release 7.9.2009 (Core)
- Ansible: 2.9.27
- Python: 2.7.5, 3.6.8
- MySQL: 5.7.44
- Nginx: 1.26.1
- PHP: 7.2.34
- JDK: 1.8.0
- Tomcat: 9.0.45

## Directory structure:

```
.
├── cert
│   └── https.pem
├── confs
│   ├── confxml.xml
│   ├── default.conf
│   ├── exports
│   ├── exports_master
│   ├── keepalived_master.conf
│   ├── keepalived_slave.conf
│   ├── master_my.cnf
│   ├── nginx_lb.conf
│   ├── proxy_params
│   ├── rsyncd.conf
│   ├── server.xml
│   └── slave_my.cnf
├── images  # holds some screenshots; can be ignored
├── main.sh
├── playbooks
│   ├── backup_server.yml
│   ├── backup.yml
│   ├── db_server.yml
│   ├── global_configuration.yml
│   ├── lb_server.yml
│   ├── lnmp_server.yml
│   ├── main.yml
│   ├── master_server.yml
│   ├── mysql_replication.yml
│   ├── nfs_server.yml
│   └── zrlog_server.yml
├── README.md
├── repos
│   ├── extra.repo
│   ├── mysql.repo
│   └── nginx.repo
├── scripts
│   ├── bak_original_repo_files.sh
│   ├── check_nginx.sh
│   ├── rsync_client.py
│   └── set_db_passwd.sh
├── services
│   ├── sersync.service
│   └── tomcat.service
└── tools
    ├── apache-tomcat-9.0.45.tar.gz
    ├── sersync2
    ├── WeCenter322.tar.gz
    └── zrlog.war
```

## Steps to run:

1. Install git on the Master host:

```
yum install -y git
```

2. Clone the repository:

```
git clone https://gitee.com/dong-jun123123/ansible-project.git
```

3. Configure passwordless login from the Master host to itself:

```
ssh-copy-id root@127.0.0.1
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
The authenticity of host '127.0.0.1 (127.0.0.1)' can't be established.
ECDSA key fingerprint is SHA256:zcl1cC3gpy9Agthqz9y1o0P3bDEUmGuDqA8C6mkYj0Y.
ECDSA key fingerprint is MD5:8a:f4:2a:cf:c1:4f:5d:42:b2:1f:d1:3c:cc:b5:3d:86.
Are you sure you want to continue connecting (yes/no)? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@127.0.0.1's password:   # enter the master host's password here

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh 'root@127.0.0.1'"
and check to make sure that only the key(s) you wanted were added.
```

4. Edit the IP addresses in /etc/ansible/hosts; all of the commented-out content in that file can be deleted:

```
cat /etc/ansible/hosts
[master]
127.0.0.1
[db]
192.168.153.141
[nfs]
192.168.153.149
[backup]
192.168.153.143
[php]
192.168.153.144 # web1
192.168.153.146 # web2
[java]
192.168.153.147 # web3
192.168.153.146 # web2
[lb]
192.168.153.148 # primary LB
192.168.153.151 # secondary LB
[web:children]
php
java
```

5. Uncomment line 71 of /etc/ansible/ansible.cfg:

```
host_key_checking = False
```

6. Once the changes are made, check connectivity:

```
ansible all -m ping
```

If every result is green, all hosts are online and you can continue with the steps below.

7. Run the script:

```
cd ansible-project/
[root@localhost ansible-project]# ./main.sh
请输入NFS服务器的IP:192.168.153.149
请输入LB主服务器的IP:192.168.153.148
请输入LB从服务器的IP:192.168.153.151
请输入公网IP:192.168.153.201 (enter any unused IP in the same subnet)
请输入backup服务器IP:192.168.153.143
请输入web1服务器IP:192.168.153.144
请输入web2服务器IP:192.168.153.146
请输入web3服务器IP:192.168.153.147
```

8. Edit the hosts file on the client machine; on Windows the path is C:\Windows\System32\drivers\etc\hosts:

```
# For example:
#
#      102.54.94.97     rhino.acme.com          # source server
#       38.25.63.10     x.acme.com              # x client host

# localhost name resolution is handled within DNS itself.
#       ::1             localhost
192.168.246.100 www.zrlog.com # the IP here is the virtual public IP
192.168.246.100 www.zhihu.com
```

9. Final result:

Visiting www.zrlog.com shows:

![zrlog](https://gitee.com/dong-jun123123/ansible-project/raw/master/images/zrlog.png)

Visiting www.zhihu.com shows:

![zhihu](https://gitee.com/dong-jun123123/ansible-project/raw/master/images/zhihu.png)

## Common problems and fixes:

1. If you run into network-related problems when installing packages with yum:

![error2](https://gitee.com/dong-jun123123/ansible-project/raw/master/images/error2.png)

you can comment out lines 26 and 27 of playbooks/db_server.yml:

![error4](https://gitee.com/dong-jun123123/ansible-project/raw/master/images/%E6%B3%A8%E9%87%8A%E6%8E%89%E4%BB%A3%E7%A0%81.png)

Then run the playbook again:

```
ansible-playbook playbooks/main.yml
```

## Known issues:

1. On the LNMP hosts, SELinux contexts cause 403 errors on the web pages, so SELinux is turned off there.
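
Step 5 of the run procedure turns off SSH host key verification for every Ansible connection. As an added example (not part of this project), the script below supports the alternative of leaving verification on: it reads an inventory in the format of step 4 and lists the hosts that have no pinned key in `known_hosts`. The function names, the sample files and the assumption that `known_hosts` entries are not hashed belong to this example, not to the project.

```shell
# Added example, not part of ansible-project. Names and sample data are assumptions.

# Print the unique hosts of an INI-style Ansible inventory (format of step 4).
# Entries under [group:children] or [group:vars] are not hosts and are skipped.
inventory_hosts() {
    awk '
        /^[ \t]*$/    { next }    # blank line
        /^[ \t]*[#;]/ { next }    # full-line comment
        /^[ \t]*\[/   { skip = ($0 ~ /:(children|vars)\]/); next }
        !skip         { sub(/[ \t]*#.*$/, ""); if ($1 != "") print $1 }
    ' "$1" | sort -u
}

# Print inventory hosts that have no usable entry in a known_hosts file.
# Assumption: entries are plain text (not hashed). Comment lines and marker
# lines (@revoked, @cert-authority) do not count as a pinned host key.
unpinned_hosts() {
    inventory_hosts "$1" | while read -r host; do
        awk -v h="$host" '
            /^[#@]/ || NF < 3 { next }
            { n = split($1, names, ","); for (i = 1; i <= n; i++) if (names[i] == h) found = 1 }
            END { exit !found }
        ' "$2" || printf '%s\n' "$host"
    done
}

# Constructed sample data; addresses follow the inventory shown in step 4.
demo_dir=$(mktemp -d)
trap 'rm -rf "$demo_dir"' EXIT
cat > "$demo_dir/hosts" <<'EOF'
[db]
192.168.153.141
[php]
192.168.153.144 # web1
192.168.153.146 # web2
[java]
192.168.153.147 # web3
192.168.153.146 # web2
[web:children]
php
java
EOF
# Constructed known_hosts; the key material is a placeholder, not a real key.
cat > "$demo_dir/known_hosts" <<'EOF'
192.168.153.141,db.example.test ssh-ed25519 AAAA-PLACEHOLDER
@revoked 192.168.153.144 ssh-ed25519 AAAA-PLACEHOLDER
EOF
unpinned_hosts "$demo_dir/hosts" "$demo_dir/known_hosts"
```

For each host it reports, fetch the key with `ssh-keyscan`, check its fingerprint with `ssh-keygen -lf` against the one shown on the server's console, and only then append it to `known_hosts`.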